CVE-2025-53882

Medium CVSS 4.4

Overview

A Improper Check for Dropped Privileges vulnerability in the logrotate setup of openSUSE Tumbleweed mailman3 allows the mailman user to create files as root, allowing for a potential privilege escalation. This issue affects openSUSE Tumbleweed: from ? before 3.3.10-2.1.

CWE: CWE-273 Published: 2025-07-23T10:15:24.650

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 4.4 (MEDIUM)
Detected tags: priv_esc (tag impact: HIGH)

Recommended actions:

Fix privilege escalation urgently.
Enforce least-privilege and strengthen EDR detection.

Overview

Recommended tools

Tags